#include <PKCS11Signer.h>
Detailed Description
Definition at line 45 of file PKCS11Signer.h.
Constructor & Destructor Documentation
PKCS11Signer::PKCS11Signer |
( |
const std::string & |
driver | ) |
throw (SignException) |
Initializes p11 library and loads PKCS #11 driver.
- Parameters
-
driver | full path to the PKCS #11 driver (e.g. /usr/lib/opensc-pkcs11.so) |
- Exceptions
-
SignException | exception is thrown if the provided PKCS #11 driver loading failed. |
Definition at line 169 of file PKCS11Signer.cpp.
PKCS11Signer::~PKCS11Signer |
( |
| ) |
|
|
virtual |
Uninitializes p11 library and releases acquired memory.
Definition at line 178 of file PKCS11Signer.cpp.
References DEBUG.
Member Function Documentation
Finds all slots connected with the computer, if the slots have tokens, lists all certificates found in token. If there are more that 1 certificate lets the user application select (by calling the selectSignCertificate
callback function) the certificate used for signing.
- Returns
- returns certificate used for signing.
- Exceptions
-
throws | exception if failed to select the signing certificate. For example no cards found or card has no certificate. |
Implements digidoc::Signer.
Definition at line 245 of file PKCS11Signer.cpp.
References digidoc::X509Cert::cert, CKA_VALUE, CKF_SERIAL_SESSION, CKO_CERTIFICATE, CKR_OK, DEBUG, digidoc::X509Cert::handle(), i, digidoc::X509Cert::isValid(), THROW_SIGNEXCEPTION, and value.
Referenced by testX509Verify().
Abstract method that returns PIN code for the selected signing certificate. If PIN code is not needed this method is never called. To cancel the login this method should throw an exception.
- Parameters
-
certificate | certificate that is used for signing and needs a PIN for login. |
- Returns
- returns the PIN code to login.
- Exceptions
-
SignException | should throw an exception if the login operation should be canceled. |
Implemented in digidoc::EstEIDConsolePinSigner.
void PKCS11Signer::loadDriver |
( |
const std::string & |
driver | ) |
throw (SignException) |
Initializes p11 library and loads PKCS #11 driver.
- Parameters
-
driver | full path to the PKCS #11 driver (e.g. /usr/lib/opensc-pkcs11.so) |
- Exceptions
-
SignException | exception is thrown if the provided PKCS #11 driver loading failed. |
Definition at line 211 of file PKCS11Signer.cpp.
References CKR_OK, DEBUG, and THROW_SIGNEXCEPTION.
Abstract method for selecting the correct signing certificate. If none of the certificates suit for signing, this method should throw an SignException. This method is always called, when there are at least 1 certificates available.
- Parameters
-
certificates | available certificates to choose from. |
- Returns
- returns the certificate used for signing.
- Exceptions
-
SignException | should throw an exception if no suitable certificate is in the list or the operation should be canceled. |
Implemented in digidoc::EstEIDSigner.
Signs the digest provided using the selected certificate. If the certificate needs PIN, the PIN is acquired by calling the callback function getPin
.
- Parameters
-
digest | digest, which is being signed. |
signature | memory for the signature that is created. Struct parameter length is set to the actual signature length. |
- Exceptions
-
Implements digidoc::Signer.
Definition at line 336 of file PKCS11Signer.cpp.
References CKF_LOGIN_REQUIRED, CKF_PROTECTED_AUTHENTICATION_PATH, CKF_SERIAL_SESSION, CKM_RSA_PKCS, CKO_PRIVATE_KEY, CKR_CANCEL, CKR_FUNCTION_CANCELED, CKR_OK, CKR_PIN_INCORRECT, CKR_PIN_LOCKED, CKU_USER, DEBUG, e, ck_token_info::flags, getPin(), ck_token_info::label, digidoc::Exception::PINCanceled, digidoc::Exception::PINFailed, digidoc::Exception::PINIncorrect, digidoc::Exception::PINLocked, digidoc::Exception::setCode(), digidoc::PKCS11SignerPrivate::sha1, digidoc::PKCS11SignerPrivate::sha224, digidoc::PKCS11SignerPrivate::sha256, digidoc::PKCS11SignerPrivate::sha384, digidoc::PKCS11SignerPrivate::sha512, and THROW_SIGNEXCEPTION.
Referenced by testPKCS11Signer().
void PKCS11Signer::unloadDriver |
( |
| ) |
|
Member Data Documentation
The documentation for this class was generated from the following files: